From e0b0f2e3200ca382ad9380ef4a4c935a27579631 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 5 Jul 2026 22:04:20 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6` | `7` | | [docker/login-action](https://github.com/docker/login-action) | `4.2.0` | `4.4.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.1.0` | `4.2.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `6.1.0` | `6.2.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.2.0` | `7.3.0` | Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `docker/login-action` from 4.2.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/650006c6eb7dba73a995cc03b0b2d7f5ca915bee...af1e73f918a031802d376d3c8bbc3fe56130a9b0) Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5...bb05f3f5519dd87d3ba754cc423b652a5edd6d2c) Updates `docker/metadata-action` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9...dc802804100637a589fabce1cb79ff13a1411302) Updates `docker/build-push-action` from 7.2.0 to 7.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/f9f3042f7e2789586610d6e8b85c8f03e5195baf...53b7df96c91f9c12dcc8a07bcb9ccacbed38856a) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/metadata-action dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-images.yml | 4 ++-- .github/workflows/packages.yml | 2 +- .github/workflows/release.yml | 20 ++++++++++---------- .github/workflows/run-matrix.yml | 2 +- .github/workflows/test-fips.yml | 4 ++-- .github/workflows/test.yml | 8 ++++---- .github/workflows/updatecli.yml | 4 ++-- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index b6ebc6add..b066bd98f 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -19,10 +19,10 @@ jobs: IMAGE_NAME: ${{ github.repository }}/apm-agent-python-testing steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Login to ghcr.io - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4.4.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/packages.yml b/.github/workflows/packages.yml index cb4c268c7..64b2a933e 100644 --- a/.github/workflows/packages.yml +++ b/.github/workflows/packages.yml @@ -20,5 +20,5 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: ./.github/actions/packages diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d7c8d02a0..56f21fdc1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: id-token: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: ./.github/actions/build-distribution - name: generate build provenance uses: actions/attest@v4 @@ -43,7 +43,7 @@ jobs: id-token: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: ./.github/actions/packages - name: generate build provenance uses: actions/attest@v4 @@ -59,7 +59,7 @@ jobs: permissions: id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/download-artifact@v8 with: name: packages @@ -83,7 +83,7 @@ jobs: - build-distribution runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/download-artifact@v8 with: name: build-distribution @@ -122,15 +122,15 @@ jobs: env: DOCKER_IMAGE_NAME: docker.elastic.co/observability/apm-agent-python steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 + uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.2.0 with: cache-binary: false - name: Log in to the Elastic Container registry - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4.4.0 with: registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }} username: ${{ secrets.ELASTIC_DOCKER_USERNAME }} @@ -143,7 +143,7 @@ jobs: - name: Extract metadata (tags, labels) id: docker-meta - uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0 + uses: docker/metadata-action@dc802804100637a589fabce1cb79ff13a1411302 # v6.2.0 with: images: ${{ env.DOCKER_IMAGE_NAME }} tags: | @@ -154,7 +154,7 @@ jobs: - name: Build and push image id: docker-push - uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 + uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7.3.0 with: context: . platforms: linux/amd64,linux/arm64 @@ -180,7 +180,7 @@ jobs: if: startsWith(github.ref, 'refs/tags') runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/download-artifact@v8 with: name: arn-file diff --git a/.github/workflows/run-matrix.yml b/.github/workflows/run-matrix.yml index 7a0d18040..9726361ef 100644 --- a/.github/workflows/run-matrix.yml +++ b/.github/workflows/run-matrix.yml @@ -25,7 +25,7 @@ jobs: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }}/apm-agent-python-testing steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Run tests run: ./tests/scripts/docker/run_tests.sh ${{ matrix.version }} ${{ matrix.framework }} env: diff --git a/.github/workflows/test-fips.yml b/.github/workflows/test-fips.yml index 4c77c98f9..47022e02b 100644 --- a/.github/workflows/test-fips.yml +++ b/.github/workflows/test-fips.yml @@ -16,7 +16,7 @@ jobs: outputs: matrix: ${{ steps.generate.outputs.matrix }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - id: generate uses: elastic/oblt-actions/version-framework@v1 with: @@ -40,7 +40,7 @@ jobs: max-parallel: 10 matrix: ${{ fromJSON(needs.create-matrix.outputs.matrix) }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: check that python has fips mode enabled run: | python3 -c 'import _hashlib; assert _hashlib.get_fips_mode() == 1' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 818d0199f..e7a0083b1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,7 +48,7 @@ jobs: if: ${{ !inputs.skip-build }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: ./.github/actions/build-distribution @@ -59,7 +59,7 @@ jobs: data: ${{ steps.split.outputs.data }} chunks: ${{ steps.split.outputs.chunks }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ inputs.ref || github.ref }} - id: generate @@ -142,7 +142,7 @@ jobs: FRAMEWORK: ${{ matrix.framework }} ASYNCIO: ${{ matrix.asyncio }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ inputs.ref || github.ref }} - uses: actions/setup-python@v6 @@ -199,7 +199,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ inputs.ref || github.ref }} diff --git a/.github/workflows/updatecli.yml b/.github/workflows/updatecli.yml index bf8e73c80..3f1837384 100644 --- a/.github/workflows/updatecli.yml +++ b/.github/workflows/updatecli.yml @@ -15,7 +15,7 @@ jobs: contents: read packages: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Get token id: get_token @@ -26,7 +26,7 @@ jobs: permission-contents: write permission-pull-requests: write - - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 + - uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4.4.0 with: registry: ghcr.io username: ${{ github.actor }}